CVE-2020-27290 Information

Description

In Hamilton Medical AGT1-Ventillator versions 2.2.3 and prior an information disclosure vulnerability in the ventilator allows attackers with physical access to the configuration interface’s logs to get valid checksums for tampered configuration files.

CVSS Vector

CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Reference

https://us-cert.cisa.gov/ics/advisories/icsma-21-047-01

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

NONE

Base Score

NONE

Base Severity

4.3